package com.codeboy.mediasoupandroiddemo.utils;

import org.java_websocket.client.WebSocketClient;

import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

public class HttpsConfig {
    /**
     * Trust every server - dont check for any certificate
     */
    public  static void trustAllHosts(WebSocketClient appClient) {
        SSLContext sslContext = null;
        try {
            sslContext = SSLContext.getInstance("TLS");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }

        try {
            sslContext.init(null, new TrustManager[]{
                    new X509TrustManager() {

                        @Override
                        public void checkClientTrusted(X509Certificate[] chain, String authType) {

                        }


                        @Override
                        public void checkServerTrusted(X509Certificate[] chain, String authType) {

                        }

                        @Override
                        public X509Certificate[] getAcceptedIssuers() {
                            return new X509Certificate[0];
                        }
                    }
            }, new SecureRandom());
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }
        SSLSocketFactory factory = sslContext.getSocketFactory();

        try {
            appClient.setSocket(factory.createSocket());
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
    public static OkHttpClient getOkHttpClient(){

        //添加post公共请求参数  Constants.PACKAGE 和 Constants.CFROM
        OkHttpClient okHttpClient = new OkHttpClient.Builder()
                .hostnameVerifier(myHostnameVerifier())
                .sslSocketFactory(getSSLSocketFactory(), getX509TrustManager())
                .addInterceptor(new Interceptor() {
                    @Override
                    public Response intercept(Chain chain) throws IOException {
                        Request request = chain.request()
                                .newBuilder()
                                .addHeader("Sec-WebSocket-Protocol", "protoo")
                                .build();
                        return chain.proceed(request);
                    }

                })
                .build();
        return  okHttpClient;
    }
    public  static SSLSocketFactory getSSLSocketFactory(){

        SSLContext mySSLContext = null;
        try {
            mySSLContext = SSLContext.getInstance("TLS");
            mySSLContext.init(null, trustAllCerts, new java.security.SecureRandom());
            return  mySSLContext.getSocketFactory();

        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }
        return  null;

    }
    public  static HostnameVerifier myHostnameVerifier(){

        return  new HostnameVerifier() {
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };
    }
    static TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {

        @Override
        public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

        }

        @Override
        public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {

        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }};
    public  static  X509TrustManager  getX509TrustManager(){


        return    new X509TrustManager() {
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType) {
                try {
                    System.out.println("checkClientTrusted " + authType);
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType) {
                try {
                    System.out.println("checkClientTrusted " + authType);
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
    }

}
